TITLE: Commercial online backup service that provides transparent extended storage
to remote customers over telecommunications links 



Application Filing Date (1):
1 QQ7mi Q 

Brief Summary Text (8):

Because computer users often demand instantaneous sharing of computer information 
and cannot wait for someone to send them a floppy disk containing the information, 
various "on-line" personal computer connections have become popular. The computer 
user can connect a "modem" (a kind of data transmitter and receiver) between his 
computer and his telephone line. The computer controls the modem to automatically
call the telephone number of another computer, which also has a similar modem 
connected between it and the telephone line. The two computers can "talk" to one 
another over the telephone line, and can exchange all sorts of information such as 
files, Email, and computer programs. 

Brief Summary Text (16):

One problem with the Internet is that a local computer can directly access the 
resources of another computer, thus allowing a local computer to introduce a boot 
sector virus, for instance, on the system disk of a remote computer such that the 
remote computer will become infected the next time the remote computer is booted. 
NFS and RFS do utilize security controls to set the discretionary (public access as 
set by user) and mandatory (secured access defined through system maintained 
security attributes for each object on the system) controls when making a local file 
system available to the network. A remote user with proper authorities, however,
still has direct access to the remote system's storage, and so the
opportunity exists to transport unwanted data and programs to the remote system.
This problem has caused serious consequences in the past (e.g., in 1988 a WORM virus
spread throughout the Internet and infected many computers). "Local area networks"
(LANs) are another common way to interconnect computers. Many businesses now store
most or all of their important data on a special shared personal computer called a
"file server." User computers access the shared file server over a high-speed data
network called a "local area network" (LAN) or a "wide area network" (WAN). Briefly,
a "local area network" interconnects data equipment within a limited geographical
area, allowing user computers to communicate with each other and to share central
resources such as printers, data storage, and long distance data communications.
LANs are typically interconnected with coaxial copper cable, unshielded twisted pair
cable, or fiber optics. Using a LAN to interconnect computers provides a more
efficient and faster means for data transfer than traditional file transfer methods. 
All users on a LAN can share resources such as printers, storage devices, and 
telecommunication links to limit costs associated with duplication of data and 
equipment. A LAN can also improve business functions with interconnected 
workstations accessing electronic mail and various shared applications such as 
customer service inquiry. 

Brief Summary Text (20):

IBM also introduced a "Virtual Disk" function as part of its "PC Support." This 
function allows users to access personal computer programs and information by 
accessing the minicomputer as if it were a locally-attached personal computer disk
drive. Thus, the minicomputer simulates a local disk drive with a "virtual" or
"simulated" disk that actually comprises hardware and software resources of the
mid-range computer. In other words, the mid-range computer when attached to the
personal computer "looks like" a local disk drive to the personal computer. The
personal computer "thinks" it is writing to a locally attached disk drive when
actually its data is going through a communications (e.g., telephone) line and gets
stored in the memory and/or hard disk of the minicomputer.

Brief Summary Text (24):

In one configuration, the IBM AS/400 can be used with dial-up telephone lines to
attach "virtual disks" to remotely located personal computers. Modems are used to
provide an interface between the AS/400 and standard dial-up telephone lines. The
modems connect to a "communications controller" interface board within the AS/400.
This "communications controller" board translates the data streams between the modem
and the AS/400. Using these techniques, it is possible to have a remote personal
computer call up the AS/400 over a dial up telephone line and attach to a "virtual
disk" provided by the AS/400 (this requires both the remote personal computer and
the AS/400 to run appropriate "PC Support" software). The personal computer assigns
a drive designator (e.g., "E") to the "virtual disk." If the computer user commands
the personal computer to write to the "C" drive, the personal computer will write
the information to the local PC hard disk. If the computer user, on the other hand,
commands the personal computer to write to the "E" (virtual) disk drive, the
personal computer "thinks" it is writing to a locally attached "E" disk but is
instead sending its data over the telephone line for storage in the AS/400. Reading
from the "E" drive retrieves files from the AS/400. The reader is referred to the
IBM documentation concerning this function, and in particular, the "PC Support"
manuals relating to the IBM System/36, System/38 and AS/400. See also IBM manuals
relating to TCP/IP for the IBM RISC 6000 describing the "mount" command supported
under the AIX operating system.

Brief Summary Text (72):

User authorization to access the host may be granted by a "sign-up" system. The
"sign-up" system may create a configuration file including password and other access
information, and download the file to the user's workstation. Initial charges may be
collected via a user-supplied credit card number. Alternatively, access to the
"sign-up" system may be via a "special pay" telephone number (900) such that
compensation is received by the service provider from the user via the telephone
company billing system.

Brief Summary Text (74):

A dialing pattern sent to a customer computer (e.g., a certain number of calls,
certain number of rings each call, a certain wait period between each call) triggers
the customer computer modem to switch into answer mode. Upon answer, an access code
is optionally sent to the customer's computer that identifies a reason for the host
call (i.e., dial back verification, host task completed on behalf of customer, mail
or data waiting for download to customer, etc.). The host computer flags a customer
record indicating the customer computer answered at the appropriate time (dialing
pattern match), thereby allowing the customer computer to access the host. A
Customer Signal file is used to queue the dial-up requests. This allows the host to
trigger the customer to call the host when needed, and also allows the customer to
be certain that only his computer can access the service. When the customer calls
the service first, the service hangs up and queues a dialing pattern to be sent to
the customer. Only when the customer computer answers after a certain dialing
pattern will the host allow the customer entry. The customer accesses the
service, but only after the host flags a dialing pattern match. If the host dials
the customer first and gets a pattern match, then the customer can access the system
immediately without this dialback sequence.
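
The dial-back handshake described above, sketched as an added example that is not
code from the patent. The class names, the one-time clearing of the sign-on flag,
the sample phone numbers and the dictionary standing in for the telephone network
are all assumptions made for the illustration.

```python
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class DialPattern:
    calls: int            # unanswered calls the host places before the answered one
    rings_per_call: int   # rings on each of those calls
    wait_seconds: int     # pause between consecutive calls

@dataclass
class CustomerRecord:
    user_id: str
    phone: str            # number on file; the host never dials a caller-supplied number
    pattern: DialPattern
    sign_on_allowed: bool = False   # set only after a dialing pattern match

class CustomerModem:
    """Customer side: switches to answer mode only after seeing its own pattern."""
    def __init__(self, pattern):
        self.pattern = pattern
        self.matched = 0  # consecutive calls so far that fit the pattern

    def ring(self, rings, gap):
        """One incoming call; gap is seconds since the previous call (None if first).
        Returns True when the modem answers."""
        p = self.pattern
        if self.matched == p.calls:            # pattern complete: answer mode
            self.matched = 0
            return gap == p.wait_seconds
        fits = rings == p.rings_per_call and (self.matched == 0 or gap == p.wait_seconds)
        self.matched = self.matched + 1 if fits else 0
        return False

class AnsweringMachine:
    """Any other device on the line (constructed for the demo): picks up every call."""
    def ring(self, rings, gap):
        return True

class Host:
    def __init__(self, line):
        self.line = line               # dict phone -> device, stands in for the phone network
        self.records = {}
        self.signal_file = deque()     # plays the role of the Customer Signal file

    def enroll(self, record):
        self.records[record.user_id] = record

    def queue_signal(self, user_id):
        self.signal_file.append(user_id)

    def incoming_call(self, user_id):
        rec = self.records.get(user_id)
        if rec is None:
            return "rejected"
        if rec.sign_on_allowed:
            rec.sign_on_allowed = False    # assumption: one sign-on per pattern match
            return "connected"
        self.queue_signal(user_id)         # customer called first: hang up, dial back
        return "hung up, dial-back queued"

    def run_signal_task(self):
        while self.signal_file:
            rec = self.records[self.signal_file.popleft()]
            rec.sign_on_allowed = self._dial(rec)

    def _dial(self, rec):
        device = self.line.get(rec.phone)
        if device is None:
            return False
        p, gap = rec.pattern, None
        for _ in range(p.calls):
            if device.ring(p.rings_per_call, gap):
                return False               # answered too early: not the customer's modem
            gap = p.wait_seconds
        return device.ring(p.rings_per_call, gap)   # must answer on this call

def demo():
    pattern = DialPattern(calls=2, rings_per_call=1, wait_seconds=30)
    # Constructed sample lines: one real customer modem, one unrelated device.
    line = {"555-0100": CustomerModem(pattern), "555-0101": AnsweringMachine()}
    host = Host(line)
    host.enroll(CustomerRecord("alice", "555-0100", pattern))
    host.enroll(CustomerRecord("bob", "555-0101", pattern))
    out = []
    for user in ("alice", "bob"):
        first = host.incoming_call(user)
        host.run_signal_task()
        out.append((user, first, host.incoming_call(user)))
    return out

if __name__ == "__main__":
    for row in demo():
        print(row)
```

The second enrolled number never produces a pattern match, so its sign-on flag
stays clear and every call from that user ID is hung up and re-queued.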

Detailed Description Text (10):

These and other problems and difficulties are eliminated when customer computer 50
connects to an on-line service system 100 provided by the preferred embodiment of
the present invention via a data link 150 as shown in FIG. 1. Data link 150 may
comprise a dial up telephone line or other similarly convenient telecommunications
link that allows customer computer 50 to be located remotely to the on-line service
system 100. The on-line service system 100 provides various capabilities (e.g., data
storage, program storage, processing, and input/output devices) that enhance the
operations of customer computer 50 in order to solve the drawbacks and problems
mentioned above. On-line service system 100 provides software and computing services
to customer computer 50 in return for fees. Such software and services can be
extremely valuable to the user of customer computer 50 in that they provide
enhancements to the operation of the customer computer that were available either
not at all or only through great expense and/or inconvenience.






In the preferred embodiment, replica computer 160 is capable of operating in an
on-line mode or in an off-line mode. In the on-line mode, the replica computer 160
communicates interactively with customer computer 50 to perform processing tasks. In
on-line mode in the preferred embodiment, the customer computer 50 and the
on-line replica computer 160 cooperate to support processing in either and/or both
processors (shared access to data buffers and a record locking scheme is used to
ensure safe access). In the off-line mode, replica computer 160 performs personal
computer tasks in response to direction from host computer 104 without having an
on-line, interactive link with customer computer 50.

Host computer 104 provides "virtual disk drives" to customer computer 50 and replica
computer 160 in the preferred embodiment through use of conventional software
available from IBM. In the preferred embodiment, host computer 104 comprises an IBM

mid-range computer providing "PC Support" virtual disk, print and other
iS^iaSS functions. As explained above, the IBM-provided PC Support software makes
it easy to attach a "virtual disk" or virtual printer to a remote or local personal
computer such as customer computer 50. For DOS machines, "PC Support" requires that
certain device drivers (EIMPcI.SYS and ECYDDX.SYS) are resident in the memory of the

provide different performance based on different overhead requirements (e.g.,
personal computer memory usage). The AS/400 allows a personal computer to attach to
a shared folder as a "Folder Drive" (this allows the PC user to assign a drive
letter to a specific folder), or as a "System Drive" (this allows the PC user to
assign a drive letter to all the folders the user is authorized to access). Using
this method, the DOS Change Directory (CD) command can be used to change from one
virtual disk drive to another, and normal operating system commands can be used to
access and manipulate the virtual disks.

capabilities of the on-line service system 100. Two physical disk drives 116a, 116b
are shown connected to the host computer 104. The host computer 104 is shown as a
customer disk repository with host system disks 116a, 116b logically divided into
customer virtual disks. Host computer physical disk drive 116a stores information

S23^3^tS^««it^S«2[ Silks derive f.^^Sfff 

physical disk drive 116b stores information associated with a further virtual disk
drive). The host computer 104 is shown with a communication link to the replica
server computer 160 and a customer computer 50a. Two columns of drives shown within
customer computer 50a identify the devices addressable by the customer processor.
The first column, "Local Disk Drives," identifies the physical drives 6 4AA. &*al
physically attached to the customer computer 50a. The second column, "Virtual Disk
Drives," identifies the disk drives 136(1)-136(3) created from logically divided
host storage (this may be the same or different storage as is used to create virtual
disk drives 136I-136K).

Three columns of drives shown within the replica computer 160 identify the devices
addressable by the replica computer. The first column, "Local Disk Drives,"
identifies the drives 164A-164C physically attached to the replica computer
(A:Drive, B:Drive, C:Drive). The second column, "Customer Disk Drives," identifies
the disk drives 14bd:SbF physically attached to the customer computer 50 that have
been redirected to the replica computer 160 as remote virtual ^*^£ !D ££ ive) ,
Tr.nv-ive P-Drive) (these may be the customer computer A:Drive, B:Drive, C:Drive).
The third column, "Virtual Disk Drives," identifies disk drives 136I-136K created
from logically divided storage of host computer 104. Although each column shows
three drives, this is not meant to limit the number of attachable devices. The
replica computer 160 is shown with a communication link 166 to the host computer and
another communication link 150b to a customer computer.

^^^^fToJsVoLe of the more important high level tasks performed by 
each of the main components within the preferred embodiment (i.e., customer computer

SfhgLSSaSSc 10 °<^ re P lica COm pUter 160) ^ EaCh ♦ heS£ S S w Lh r otn er S 
under software control, and certain of these tasks may communicate with other tasks
being performed by other computers. The customer computer 50 in the preferred
embodiment supports the high-level functions of communications, logging, security,
routing, program execution, local disk access, and remote disk access. The on-line
service host computer 104 supports communications, logging, security, command
control, program execution, host disk access and virtual disk access. The on-line
and off-line replica computers 160 in the preferred embodiment each support
communications, logging, security, routing, program execution, local disk access,
and remote disk access. Each of the computers 50, 104 and 160 is provided with local
physical mass storage disk. Thus, customer computer 50 has its local hard disk 64,
host computer 104 has its local hard disk 116, and replica computer 160 has its
local hard disk 164.

T / lVereZTsV Ts fo/'g ctaff* restore and archive" services, host computer 104 logs
certain information (e.g., user, begin time, etc.) for billing and security purposes
(Hod 4x4??™nd Sen allocates ("mounts") the appropriate virtual disks containing
the software needed to satisfy the request (block 416). The process of copying the
information is performed in the preferred embodiment by customer computer 50 and/or
replica computer 160 by copying information to and/or from a virtual disk (block
lit). The "end" time is preferably then logged by host computer 104 for billing
purposes (block 414).

Detailed Description Text (103):

If the request is for program or data rental (block 428), the appropriate
information is logged as before (block 430), and the virtual disk storing the
program or data to be rented is then allocated to the appropriate computer (e.g.,
customer computer 50 and/or replica computer 160) (block 432). A "host" security
program is executed by the host computer 104 to prevent unauthorized copying of the
virtual disk contents, and a similar program executes in the customer computer 50
and replica computer 160 to prevent unauthorized access to virtual disk data and
programs residing in random access memory. The customer computer 50 and/or replica
computer 160 executes the rental program or accesses the data (block 434).
Meanwhile, host computer 104 keeps track of beginning and ending times of access to

SSIe that the customer can be billed based on the amount of time he has used the
contents of the virtual disk (block 430). A customer can also be billed on a per use
basis or a monthly charge basis.

user may request to "purchase" a particular program
or data. For example, the user may want his own copy of the program or data locally
stored, or he may wish to modify it such that it is not feasible to merely rent it.
If the request is for a "purchase," logging is performed as before (block 438), and
then the host computer 104 allocates the appropriate virtual disk containing the
program or information to be purchased (block 440). Host computer 104 also allocates
a destination device for receiving the purchased program or information (block 442).
This destination device may be, for example, the local hard disk 64 within customer
computer 50. The selected software is then copied to the destination device in order
to complete the purchase (block 444). This copying operation is preferably performed
only upon receipt of payment from the customer (e.g., by checking credit card
authorization and charging the associated license fee to the customer's credit card
account). Software demonstrations of the programs not requiring secured customer
data can be made available to all customers by providing access to a shared
execute-only virtual disk. Demos allowing secured customer data can be provided by
copying programs or information stored on a secured virtual disk to a temporary
virtual disk with customer execute-only access. If payment is not received within a
specified period, the virtual disk can be deleted. Upon receipt of payment, the
temporary virtual disk ownership can be transferred to the customer for complete
access. This enables the customer to obtain immediate access to the desired software
while allowing the service provider to later revoke access if payment is not
received.

^if^utsfffro^ services (block 446), the request is logged as
before (block 448) and host computer 104 also determines whether the customer is
entitled to release update and also whether this particular customer wants or needs
the release update (block 450). Assuming that the customer is authorized to receive,
wants and needs the update, host computer 104 allocates jC^^g^gf ^ d
release update (more than one may be transferred at the same time) (block 452) and
then copies and/or applies the updates to customer computer 50 (block 454). When
necessary, a program can be executed to perform special services such as
configuration changes to customer computer 50.

^^^^T senllic description of additional user request handling,
beginning and ending times are logged for billing and security (block «8)
appropriate virtual disks and/or other virtual devices are allocated to handle the
request (block 460), and appropriate software is executed and data is accessed
ggg; t hQ S!2mputir 104 and/or replica computer 160 and/or customer computer 50 to
handle the request (block 462).

K S ^iriirrflg^rrS program control steps performed by customer computer 50 to 
llt^ll the "security check" routine shown in FIGS. 14A-14H. The purpose of the
security check is to ensure that only "authorized" tasks are performed. The routine
first obtains the command (block 742) and determines whether it was generated
locally or by a remote computer (i.e., from the host 104 or the line replica
i «n? If the command is remotely originating (e.g., by a user of the replica
computer 160 or by the host 104 via a "PC Execution" command; "no" exit to block
computer id u y the command to determine whether it is allowed. If the

canals ^^"a^Ltfinfo^tion is g Wlgg Vk^SLgg"" 

Tst) a flag is set to tell the custoJSTiirver router 518 to deny the request
(block 752) and a violation message is sent to the controlling session (block 754).

If the command was entered by the user of the customer computer 50, it will
generally be performed since the user should not be limited in what he can do with
his own local computing resources, and security checks performed at host 104 and
replica computer 160 prevent the customer computer command from creating
unauthorized accesses on those computers. There is an important exception, however,
in the case of software rental. In instances in which the system 100 attaches a
virtual disk to the customer computer 50 containing software that the user of
customer computer 50 is only allowed temporary access to, the user could attempt to
bvoS the resource security to the virtual disk through various techniques
Source security which is used by the preferred embodiment AS/400 host 104 to 
Resource security, wnicn store d -objects," can be used to control access to 
inrorSatJoriithin'aifreren; "vSual drives" provided by the AS/400 host computer 

. anEn^ 

SdSifluagS^ Public authority describes the authority for all users who do not
^SSSficfa^hSSty. Resource security applies to each virtual disk drive and
to each object within the drive. The AS/400 supports the following file sharing
modes when sharing files:

Note that the AS/400 security measures do not provide any "execute only" access to
objects stored on a virtual disk. Thus, to grant execution rights to customer
computer 50 over a particular program stored on a virtual disk, the preferred
embodiment host 104 must allow the i-g^gg^^.^.^^y^^g'
uLa U S'an r unscrupulous user 3 So2r computer 50 to take a copy of a rental
program on a virtual disk without paying the appropriate license fee.

g ir 'ls^rrflowcnarrof exemplary program control steps performed by the hast 

bv^he router to validate requests. Decision block 920 then tests whether the 

in addition to user ID and object resource security). When a customer is running
applications within her own customer computer 50 and a request to the host is issued
to change to a different on-line server virtual device/drive or subdirectory, the

is validated fdBlccess rights by decision blocl^po. Routine yub cnen 
determines whether or noTthe request for a particular program and/or information is 
determines wnetner or ""^ «- Th i s test is important for program rental and other 

lecured°access In ^hS? case 'the router re^uesS are validated to restrict programs 
secured access, in wnicn certain (virtual device) drives and subdirectories in 

the preferred embodiment. If access is allowed, then host computer 104 logs billing
data (CPU time, storage type and usage) to permit billing and audit trails (block
tlT). If the security check performed by block 922 fails, then host computer 104
logs the security violations (block 926), flags the router to deny access to the
SesKd device (block 928), and sends a violation message to the controlling
session (block 930).



g rf erring^lo'FiS.^ , once it is decided by host computer 104 that a particular
customer computer 50 will be signalled, the host computer logs signal and time for

;^" d „°*"^f" ™4 next determines whether the customer computer answered 
final call (decisron block 962K I£ the nffi^QWUUJJ answered on the second ring , 

detect wSK^s S« ErLat tif olSr^ SO 
•"i™^ ™ Se correct Am ' provides added authentication and security, since it
allows the host computer 104 to have some assurance that it has contacted the
appropriate customer computer 50.

5 fr ^i^ r ^B^rS ta"^k 1000 specifies an access code in field 1000D (as 
HJ^ ?ofbv decision block 966) , then host computer 104 sends the appropriate 
tested f°^ b y ^" s ^, D1 ?fter th4 access code is sent (or if no access code is 
access code 968), after the access ^ fchen ^ aet a 

iihd=t y a P s P c^ ssssis sarT.sr 

associated with that particular signal, 
than by the host request task 912. 

Assuming that ZsTTe ^llV task 912 is going to perform the request, host
computer 104 determines whether an on-line session is necessary to satisfy the
request (decision block 986). Some requests (e.g., requests for pure P r ° ce ^^ 9 '
be satisfied without the associated customer computer 50 being logged on. Jo"* other
host request is re-queued until the customer computer begins an on-line service
session (blocks 988, 99^992).

by the loggpf i -on customer computer 50 (block 110 2^ and log^t ne g accesseg fche 
for billing and security Purposes <£lock 1104) . ^utS?50fJom the customer control 
basic information associated wxth the customer computer su ™" „ ^ cofflpiltfir 104 
SSI block 1002 associated with the^ser ID/password tggg^'^ gg Sedial back 
checks within the customer control data block 1002 to determine wn 5Q 
option 1002R requires the nosf rompufer 104 to cu f JJJJ^jf then host 

before allowing process requests (block 1108) . If ^^ C J J| ^determine whether 
rnmpul-.e.r 104 checks the "sign-on allowed flag of record l \ ag p rope r ly to allow the 
the "signal oust omer" task block 972 (FIG 19B) set this flag P^PJ 104 
customer computer 50 to call in It cne riag « ' t for the hn ^«- m T ,it- P r 

being transferred via the on-line service. 

Detailed Description Text (323): . . controller 112 to determine

Host computer 104 next queries its ^ ^™ ™ J ^ e telephone number 

instead of by the host computer 104 (block 1138) . 

Detailed Description Text (324): attaches to customer computer 50 a 

Referring now to FIG. 21C,_ riosr ^P"^" , f . r . es the customer computer to 

virtual disk containing anti-viral software and f g^es^the^cus t p the 
execute the anti-viral code (blocks 1140, 1142) host requests outstanding for the 
host request file 1004 to see if there are any host requests o I ecisi on 

completed, clears the host "^'^ 'block 1156) ; x "' Co decision block 1152). hast 
(block 1162) , and clears the host request (block 1164) . 

8 ?fe. r cS U oL? p , i /rhosrr4u«.rr t e av, y 

host requests in the preferred embodiment If the cust omer wa 10 ^ i logR the 

computer (block 1172) and disconnects (block 1174). 
h il II i il'l ' ^""^ ' a „ omr , llt - PT . so issued request (block 1176),

If the customer compute*^ or replica ^puter ^issuepp ™t and begin time 

host rnmr.nt-.fir. 104 logs the b ^"* ^P^SeJnS the request is for an off-line 
(block 1178) . Hnit computer 104 then checks w ^ertnerequ^^^ performs the 
replica computer (block 1180) . If it is not then the toat^ompuLer p off . line 

request and end time for billing (block 1188) . 

of FIG. 21C and block 1182 of FIG. 21D in °^er to p recfU e S t. F""" computer 104 
only the necessary areas of nost romp Sd^neTdetermines the source 

the customer computer 50, replica computer 160 or hose JPJoc . determined b y 

is executed is based on the processor flag "^hin the request^ a ^ M 

the type of software to be ^cuted te.g^, minicomputer or^m iss £ ing a rou ter 

as other factors. In this context the host command is capa necessary . m the 
command to execute the program in customer s computer bu ^ 
case of replica server sessions host _^ed £o^he wor execution to 

directed to the replica computer a ^ r eplica server routing c COJtmand line 

ass SffiTs ssfejnss^. 

S3 X!X & E3: 33: a&S£ SSSS an* «n« ** urn, 

(blocks 1206, 1208, 1210). 

Detailed Description Text (334): during command creation that allows the

The command authority refers to the option during comm execution . T he user 

command to adopt the authority of the commands owner during «J hQst commands 

profile of the owner of the « d jay be set ^J^TLSSrlty Is the authority 
that the customer does not have on ner own. Ai block 1198 (which typically 

of the secondary command processor call from FIG^^lE blocK iisb V of y $ irtua i 
would not provide authority to most system virtual <^ksK in cne WQuld 
disks used for system functions or owned ^ another ^ s ^° me ^ s ^ f virtU al disks 
be denied based on lack of u se r ^oiirreaiithnrn fry . In the case of vi ation 

used to supply rental ^^^^SS^SL^Sa STSSted to selection by 
may be denied if it is dete ^^ d ^ h ^ w °5 K gtation programs described in FIGS. 21A 
menu or command £| SIX command authority (adopted from the 

and 21E (calling a CL command, FIG. z it, witii ^> oerformed during execution 
owner of the command) to cause tte^iontobe SoSHeed to select the device 
within block 1198). in this situation, the customer ™^ a d ^ cribed) before selecting 

S&Sd^'S.^S.SS SSSS.tS=S»3'»2S secure aucs for the 
user profile. 

S S ^S r^fKwcnarro f^xeUlary P;^^,*^?^?^^^^ 
computer 104 to manage an off-line replica session^ The ^ h ^ a t J°^ u manipulate 
provides a user ID and associated pas sword to ^staeiisn au y The 
us « id The off-line replica computer then reads J^^.^SS^blo*

ufi7 \ and begins processing the request. \u± u computer 160 writes a 
soSare^Once the rS^he'hoS^eSSt f Ue* (SoS 148?) , and routes data J 



destination user (block 1495) 



Detailed Description Text (337): on-line workstation programs represented by

A significant difference between the on lica computer 160) receives all 

ftgs 21A and 21P is that FIG. 21A (on-line "P^* t £ e cust omer or by requests 
commanded menu option input . either ^teractxvely^y.^ progra m represented by FIG. 
read from the Host Request file- ™™ all CO mmand and menu option input £ f°™ 

?K^e r ^ So* «f ffiffl^ SW^«- 
Off-line Replica Request. This ^ e ?^X f content, timeout, etc.) and P^viae 

FIGS. 21A and 21F is that both satisfy on calling C L programs generically 
described in FIG. 22H "Request QP fc ^ „ £i oc | 1488. Each of the request 

owner of the command to access resources the ~ B ^^J aerjnjut hQritiea to 
and the command is logged. 

following information useful for billing purposes:

Current US Original Classification (1):
zn.5/34 

S f ^&^iS^S.^S . ( once"-it is decided by host computer 104 that a Particular 

SSftr ^loca^M aufsenlfa SiST 

pattern to the telephone number of the customer computer having the appropriate

95?^ Host computer 104 next determines whether the customer computer answered

^^€Sti£z ^ ome xf sres ss; ^"Jwr^cuSL? the 

final call (decision blocK 3b^. i instead answered on the second ring, 

SOS'S on Se correct ' provides added authentication and security since it
allows the host computer 104 to have some assurance that it has contacted the
appropriate customer computer 50.

charges begin. Basic charge amounts are also displayed. If the customer does not
^within * Sff?' 1 ^?^ Sg"}S oS°n32r° ignroff^fcus oSer S =lSputer 

K "S02 °Jo S indicate that billing is being handled by the telephone company
instead of by the host computer 104 (block 1138). 
Hewlett-Packard, Accounting System Planning and Billing, Aug., 1992, 1-4.



ART-UNIT: 2765 



PRIMARY-EXAMINER: Nguyen; Cuong H. 



ATTY-AGENT-FIRM: Brinks Hofer Gilson & Lione 



ABSTRACT : 



A system and method for monitoring remote computer access and associated costs is 
provided. The system includes a remotely located communication server in 
communication with multiple host computer networks and in communication with a 
network access server. First and second memory devices contain a list of authorized 
users for the host computer networks and a user log for use by a billing computer to 
generate bills. The method includes the steps of creating starting and ending time 
stamps for each authorized user accessing a respective one of the multiple host 
computer networks and creating a user log to generate bills and monitor host
computer network usage. 

13 Claims, 2 Drawing figures 

DOCUMENT-IDENTIFIER: US 6349289 B1

TITLE: Method and system for tracking computer system usage through a remote access 
security device 



US Patent No. (1) : 
6349289 

Detailed Description Text (10) : 

The pass code preferably consists of a fixed personal identification number and a 
time variable security token. The security token may be a soft token, such as a 
software application on each authorized user's computer, or a hard token, such as a 
secure ID card 14 available from Security Dynamics, Inc. Each authorized user 
preferably has her own security token and the security token may be a sequence of 
numbers, letters, or other type of symbol. Using the secure ID card 14, the security 
token is obtained by the user from a display that generates a new security token at 
predetermined time increments. The NAS 30, containing an identical security token 
generating algorithm synchronized with the secure ID card 14 generates the same 
security token to verify that the user is an authorized user. On authentication, the 
communication server 20 connects the user computer 12 to the appropriate host 
computer 34 for the duration of the call. The NAS 30 receives an ending time stamp 
from the communication server 20 at the conclusion of the remote access call when
the user hangs up or otherwise disconnects from the host computer network 34 (at
step 54). Following the conclusion of the remote access call, the service bureau
stores the starting and ending time stamps in the NAS memory. Preferably the
starting and ending time stamps are associated in the user log with the list of
authorized users so that the user log contains a record of computer time usage for
each authorized user (at step 56).
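
The pass-code check and time-stamp logging described above, as an added example rather than code from the patent. The patent does not disclose the token algorithm, so an RFC 6238-style HMAC-SHA1 time-step code stands in for it; the 60-second step, the drift window, the replay guard, the seed and the user record are all assumptions.

```python
import hashlib
import hmac
import struct

STEP = 60  # assumed "predetermined time increment", in seconds


def token_at(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """Time-variable token: truncated HMAC-SHA1 of the time-step counter."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class NetworkAccessServer:
    """Checks PIN + token and keeps the user log of start/end time stamps."""

    def __init__(self, users: dict, drift_steps: int = 1):
        self.users = users              # name -> {"pin", "seed", "host"}
        self.drift_steps = drift_steps  # clock skew tolerated, in steps
        self.last_step = {}             # name -> last accepted step (replay guard)
        self.user_log = []              # one record per remote access call

    def verify(self, user: str, pass_code: str, now: int) -> bool:
        rec = self.users.get(user)
        if rec is None:
            return False
        pin, token = pass_code[:len(rec["pin"])], pass_code[len(rec["pin"]):]
        if not hmac.compare_digest(pin.encode(), rec["pin"].encode()):
            return False
        for drift in range(-self.drift_steps, self.drift_steps + 1):
            t = max(now + drift * STEP, 0)
            expected = token_at(rec["seed"], t)
            if hmac.compare_digest(token.encode(), expected.encode()):
                if t // STEP <= self.last_step.get(user, -1):
                    return False        # same or older token presented again
                self.last_step[user] = t // STEP
                return True
        return False

    def start_call(self, user: str, pass_code: str, now: int):
        """On authentication, open a log record with the starting time stamp."""
        if not self.verify(user, pass_code, now):
            return None
        self.user_log.append({"user": user, "host": self.users[user]["host"],
                              "start": now, "end": None})
        return len(self.user_log) - 1

    def end_call(self, call_id: int, now: int) -> None:
        """Record the ending time stamp when the user disconnects."""
        self.user_log[call_id]["end"] = now

    def usage_seconds(self, user: str) -> int:
        """Computer time used, summed over the user's completed calls."""
        return sum(r["end"] - r["start"] for r in self.user_log
                   if r["user"] == user and r["end"] is not None)


# Constructed sample data: one authorized user of one host network.
SEED = b"constructed-seed-not-a-real-key"
USERS = {"alice": {"pin": "4821", "seed": SEED, "host": "host-network-34"}}
```

The drift window is what makes "synchronized" workable in practice: a token from the previous or next step is still accepted, but each step can be used only once per user.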

Detailed Description Text (16) : 

From the above, a new system and method of monitoring access and fees for host 
computer networks with relocated users is provided. The method includes maintaining 
a list of host computer networks and associated list of authorized users for each 
network, creating a starting and ending time stamp for remote access calls,
transmitting the starting and ending time stamps in the user log to a billing 
computer in addition to other billing information, and generating a billing summary 
of costs and usage at the billing computer. The system preferably includes a 
security service bureau providing secure remote access between remotely located 
authorized users and their respective proprietary host networks. In one preferred 
embodiment, the NAS preferably records time stamps and a user log indicating usage 
of resources by individual authorized users. A billing computer is also included in 
the system having the logic necessary to compile information from the user log in
the security service bureau and cost information received from outside sources to 
generate a periodic bill indicating cost per individual user and/or department. 

CLAIMS:

1. In a system for providing secure remote access between a plurality of unrelated
host computer networks and a plurality of authorized users via a network access 
server, a method of monitoring access to each of the unrelated host computer 
networks comprising the steps of: 

maintaining a list of host computer networks and an associated list of authorized 
users for each host computer network in a first memory device; 

automatically creating a starting time stamp at the beginning of a remote access 
call received from an authorized user at a communication server and connecting the 
authorized user to an appropriate one of the plurality of unrelated host computer 
networks after determining at the network access server that the authorized user is 
authorized to connect to the appropriate one of the plurality of unrelated host 
computer networks; 

automatically creating an ending time stamp at a conclusion of the remote access 
call; 

storing the starting and ending time stamps for the remote access call in a user log 
in the network access server, the starting and ending time stamps associated with
the list of authorized users whereby the user log contains a record of computer time
usage for each authorized user; 

transmitting the user log from the network access server to a billing computer; 

transmitting the list of host computer networks and the associated list of 
authorized users for each host computer network from the first memory device to the 
billing computer; and 

generating a billing summary at the billing computer for each of the host computer 
networks. 

12. In a system for providing secure remote access between a plurality of unrelated
host computer networks and a plurality of authorized users via a network access 
server, a method of monitoring access to each of the unrelated host computer 
networks comprising the steps of: 

maintaining a list of host computer networks and an associated list of authorized 
users for each host computer network in a first memory device; 

receiving a remote access telephone call to a host computer network from a user 
computer of an authorized user at a communication server; 

automatically creating a starting time stamp at the beginning of the remote access 
call received from an authorized user at the communication server and connecting the 
authorized user to an appropriate one of the plurality of unrelated host computer 
networks after determining at the network access server that the authorized user is 
authorized to connect to the appropriate one of the plurality of unrelated host 
computer networks; 

automatically creating an ending time stamp when the user computer terminates the 
remote access call with the host computer; 

storing the starting and ending time stamps for the remote access call in a user log 
in the network access server, the starting and ending time stamps associated with 
the list of authorized users whereby the user log contains a record of computer time
usage for each authorized user; 

transmitting the user log from the network access server to a billing computer; 

transmitting the list of host computer networks and the associated list of 
authorized users for each host computer network from the first memory device to the 
billing computer; and 

generating a billing summary at the billing computer for each of the host computer 
networks.

ABSTRACT:

A task-based classification and analysis system includes an analysis software module 
and a user interface. The analysis software module establishes and maintains 
relationships between a plurality of databases or, in a preferred embodiment, 
hierarchical task lists. The user interface provides user inputs to the analysis 
software module such as budget information which is associated with particular 
elements of the databases. In consideration of historical data models, the user 
inputs and predetermined relationships between elements of the databases, the 
preferred system generates information products such as task-based budgets. Another 
preferred system coordinates task relationships between a plurality of software 
modules, such as a billing software module and a time entry software module. 

16 Claims, 12 Drawing figures 

Brief Summary Text (5):

U.S. Pat. No. 5,182,705 to Barr et al. discloses a computer system and method for
work management. Staff Tables are used to maintain authority levels for access to
certain functions such as billing, docketing, etc. The disclosed system also
includes an Activity Log used to track billing. Accessed information such as a
description of the work done and the time spent are then directly fed into an 
automatic billing function. Additionally, a Local Data function facilitates the 
customization of data recordation and output at a local level. 

ART-UNIT: 275

PRIMARY-EXAMINER: MacDonald; Allen R.
ASSISTANT-EXAMINER: Patel; Jagdish
ATTY-AGENT-FIRM: Jones & Askew, LLP

ABSTRACT:

A method and system for providing an end-user with Internet access and allocating a 
cost associated with that access among the end-user and Internet sites 18 accessed 
by the end-user. A supervisory program module 58, such as a "JAVA" applet, resides 
on an originating station 24, such as a personal computer, operated by the end-user. 
The supervisory program module 58 may be activated by transmitting the supervisory 
program module to the originating station 24 from an Internet point of presence 22 
operated by a local access provider. Alternatively, a trigger may be transmitted 
from the point of presence 22 to the originating station 24 to activate a 
supervisory program module 58 already residing on the originating station 24. The 
supervisory program module 58 monitors the duration of connections with specific 
Internet sites, and transmits messages to the point of presence 22 indicating the 
duration of these connections. The local access provider uses the information 
received in these messages to allocate a cost associated with the access, such as 
the cost associated with using a telephone network 30, among the end-user and 
Internet sites accessed by the end-user. Unique keys and time stamps are used as 
security measures. Unique keys are random identification numbers or codes generated 
by the point of presence 22. Time stamps, which are clock readings generated by the
originating station, the point of presence, or other network components, are used as
security measures.

27 Claims, 6 Drawing figures 

Drawing Description Text (6):

FIG. 5 is a logic flow diagram illustrating a method for providing an end-user with
Internet access and monitoring the duration of connection between an end-user and an
Internet site in accordance with the preferred embodiment of the present invention.

Detailed Description Text (32):

The supervisory program module 58 monitors Internet activity conducted by the 
end-user station 24 and transmits messages to the credit server 42. More 
specifically, the supervisory program module 58 monitors the end-user's access to an
Internet site 18 in the free zone by transmitting a "start.sub.--free" message to
the credit server 42 when the end-user station 24 transmits a URL request for the
Internet site 18. The supervisory program module 58 later transmits a
"stop.sub.--free" message upon the occurrence of a predefined event, typically
transmission of a URL request for another Internet site. These start.sub.--free and
stop.sub.--free messages each include "time stamps" or clock readings generated by
the supervisory program module 58 based on the clock 51 controlled by the end-user
station 24, along with the IP address and user name associated with the end-user
station 24 and the URL or IP address of the accessed Internet site 18. The credit
server 42 stores the contents of the start.sub.--free and stop.sub.--free messages
in the credit log 44 to provide a record of the end-user's connect time with the
Internet site 18. When the credit log 44 is downloaded to the billing system 46, the
end-user's connect time with the Internet site 18 is computed as the difference
between the time stamp of the stop.sub.--free message less the time stamp of the
start.sub.--free
message. 

Detailed Description Text (47):

FIG. 5 is a logic flow diagram illustrating a method for providing an end-user with
Internet access and monitoring the duration of connection between an end-user and an
Internet site. The logic flow diagram of FIG. 5 further describes routine 414 shown
on FIG. 4. The process illustrated by FIG. 5 is terminated when the communication
between the end-user station 24 and the point of presence 22 is disconnected,
indicated by the "YES" branch from step 416 of FIG. 4. It should be understood that
the communication may be disconnected at any time during the operation of the 
routine illustrated by FIG. 5. 

A timer-based fee-charging system for Internet services eliminates the
inconveniences of contracting which are necessary with Internet providers as well as 
payments of usage fees and subscription rights, etc., and allows instant access to 
Internet connection services through an easy access and payment method. Such a 
system consists of: a terminal server to provide Internet access to clients; an 
authentication server to confirm whether or not a client is gaining access based on 
specific information input by the client; an extended authentication database, 
linked to the authentication server, which controls authentication data comprising 
specific information of, and the access status rate that indicates a predetermined 
available time range for access for, each client; a fee-charging server, linked with 
the extended authentication database, which constantly renews the access status rate 
by calculating access charges according to the amount of access time each client 
uses. 

18 Claims, 2 Drawing figures 

US Patent No. (1):
Brief Summary Text (11):

The present invention is composed of a terminal server--which can provide
connections to the Internet for many and unspecified clients, and an extended
authentication data base, which can precisely manage the maximum amount of
authentication data. This data consists of specific (personal) information--such as
a unique log-in name and password--which responds to each client, and authentication
data which consists of the access status rate, to indicate a predetermined available
time for use. This is programmed in advance, in relation to the specific personal
information, as above. The authentication server interlocks with a specific extended
authentication data base to check access status to the Internet, according to a
command from a specific terminal server, based on the specific information
input(ted) by the client. The fee-charging server is interlocked with the specific
extended authentication data base which calculates the fee for access according to
the length of the time each client is connected, and constantly renews the access
status rate of each authentication data of a specific extended authentication data
base.

Detailed Description Text (24):

2. In case a client has logged in already, and the present time is more than the fee
time, an access fee is calculated from the access time and is to be charged from
the access status rate of the authentication data according to the access status
rate for each time. If the specified access status rate falls below zero, the port
resets, and the connection is cut.

Detailed Description Text (25):

Also for the sake of connecting to the Internet, the connecting information input
by a client is controlled by printing it on a card for each authentication data, so
that it can be connected by the act of inputting specific information with a
keyboard. Or the information can be controlled by being recorded on a card with
magnetic codes for each authentication card, and it is also possible to have it
connected by inserting the specific card into a recorder which is connected with a
personal computer. At that time, the items of information which are to be printed
(on a card in the former case), include access status rate number, support URL,
domain name, domain name server IP-address, POP server name, log-in name, password,
and so on.

ABSTRACT:

When an accounting process is performed through connectionless communications such
as a WWW, etc., a retrieval CGI stores a retrieval result in a file having a file
name generated from a process ID and a user ID. Then, a retrieving/accounting
process is performed in units of a user ID and a process ID. A session is managed
using the process ID as information to be exchanged, thereby requiring no resident
combinational software. Furthermore, a volume-dependent accounting can be realized
even when communications are disconnected.

25 Claims, 14 Drawing figures 

US Patent No. (1):
qq^0772 

[...] system is based on the time of access obtained from the
[...] of the server. However, communications are often disconnected on the
network and the user may not be able to obtain the transmitted contents. Therefore,
correctly recording an "access" into the log does not indicate that the requested
information has been successfully transmitted to the user.

[...] to serve a large number of users. In this case, user
[...] includes plural times [...] using the same user identifier (including a
double log-in, etc.).



Detailed Description Text (64):

If the retrieval result is accessed a first time, the accounting process 27 is
requested to perform an accounting process. The accounting process 27 records an
accounting log in the accounting log file 28.

[...] are the same as those shown in FIG. 3. In this
example, access is gained a first time to the retrieval result file, and an
accounting log is generated by the accounting process 27. If the retrieval result
cannot be successfully transmitted, the browser is kept [...]
state without displaying any data on the screen, or in a state where the retrieval
result is displayed halfway.